Dutch political websites hit by cyber attacks as EU voting starts
The 2024 European Parliament election started in the Netherlands today, June 6, 2024, and will continue through June 9 in the other 26 countries that are part of the European Union. Cloudflare observed DDoS attacks targeting multiple election or politically-related Internet properties on election day in the Netherlands, as well as the preceding day.
These elections are highly anticipated. It’s also the first European election without the UK after Brexit.
According to news reports, several websites of political parties in the Netherlands suffered cyberattacks on Thursday, with a pro-Russian hacker group called HackNeT claiming responsibility.
On June 5 and 6, 2024, Cloudflare systems automatically detected and mitigated DDoS attacks that targeted at least three politically-related Dutch websites. Significant attack activity targeted two of them, and is described below.
A DDoS attack, short for Distributed Denial of Service attack, is a type of cyber attack that aims to take down or disrupt Internet services such as websites or mobile apps and make them unavailable for users. DDoS attacks are usually done by flooding the victim's server with more traffic than it can handle. To learn more about DDoS attacks and other types of attacks, visit our Learning Center.
Attackers Continue reading
KU057: Packing Up Kubernetes Unpacked
All good things must come to an end, and in this case that means saying farewell to Kubernetes Unpacked. In this final episode, Michael and Kristina pack up the Kubernetes Unpacked podcast. They look back on covering issues including sustainability, security, open source projects, and certifications. They thank the professionals who joined the show as... Read more »Protecting vulnerable communities for 10 years with Project Galileo
In celebration of Project Galileo's 10th anniversary, we want to give you a snapshot of what organizations that work in the public interest experience on an everyday basis when it comes to keeping their websites online. With this, we are publishing the Project Galileo 10th anniversary Radar dashboard with the aim of providing valuable insights to researchers, civil society members, and targeted organizations, equipping them with effective strategies for protecting both internal information and their public online presence.
Key Statistics
- Under Project Galileo, we protect more than 2,600 Internet properties in 111 countries.
- Between May 1, 2023, and March 31, 2024, Cloudflare blocked 31.93 billion cyber threats against organizations protected under Project Galileo. This is an average of nearly 95.89 million cyber attacks per day over the 11-month period.
- When looking at the different organizational categories, journalism and media organizations were the most attacked, accounting for 34% of all attacks targeting the Internet properties protected under the Project in the last year, followed by human rights organizations at 17%.
- On October 11, 2023, Cloudflare detected one of the largest attacks we’ve seen against an organization under Project Galileo, targeting a prominent independent journalism website covering stories in Russia Continue reading
DNS Topics at RIPE 88
RIPE 88 was held in May 2024 at Krakow, Poland. Here’s as summary of some of the DNS topics that were presented at that meeting that I found to be of interest.Day Two Cloud Crossover: When the Cloud was Born
Welcome to a crossover episode with the Day Two Cloud podcast! Eric Chou was there for the birth of the public cloud. Before DevOps or SREs were a thing, before Azure was Azure, Eric was a network engineer for Amazon, helping them build out their retail technology platform. Of course, that platform evolved into the... Read more »D2C244: When the Cloud was Born
Eric Chou was there for the birth of the public cloud. Before DevOps or SREs were a thing, before Azure was Azure, Eric was a network engineer for Amazon, helping them build out their retail technology platform. Of course, that platform evolved into the world’s leading public cloud–AWS. Eric joins the show today to tell... Read more »European Union elections 2024: securing democratic processes in light of new threats
Between June 6-9 2024, hundreds of millions of European Union (EU) citizens will be voting to elect their members of the European Parliament (MEPs). The European elections, held every five years, are one of the biggest democratic exercises in the world. Voters in each of the 27 EU countries will elect a different number of MEPs according to population size and based on a proportional system, and the 720 newly elected MEPs will take their seats in July. All EU member states have different election processes, institutions, and methods, and the security risks are significant, both in terms of cyber attacks but also with regard to influencing voters through disinformation. This makes the task of securing the European elections a particularly complex one, which requires collaboration between many different institutions and stakeholders, including the private sector. Cloudflare is well positioned to support governments and political campaigns in managing large-scale cyber attacks. We have also helped election entities around the world by providing tools and expertise to protect them from attack. Moreover, through the Athenian Project, Cloudflare works with state and local governments in the United States, as well as governments around the world through international nonprofit partners, to provide Continue reading
Energy Independence, at least for gadgets and electronics; what’s the point of growing spinach and Mint?
This post is a bit different from my usual networking content. I won’t be discussing power grid inefficiencies or pollution. After learning some principles from permaculture, an ethical design science focused on life, it’s more of a personal reflection. I’m concerned about our society’s reliance on non-producing, ever-consuming and our mindset to depend on external producers. Even simple things that can be eliminated or produced without much effort have become needlessly complex, creating unnecessary consumption, erasing the human spark to make or say no to mindless consumerism, and creating vast dump yards. We used to be producers but have become ultimate consumers of life’s simple things.
TLDR: It’s not about affordability or money; I think everyone here can afford spinach or charge their devices happily, paying a service provider; the question is, why are we dependent on external grids and super-stores for simple things in life that were free at one point of time in our society, over consumerism, isolated and end up creating our own silo kingdoms?
Why did it make sense to me?
At a very high level, we all know that the climatic changes and food production, in general, have affected the topsoil so much that Continue reading
HS074: Geek Speak to Biz Talk
To be an effective technologist in a corporation, your efforts need to be aligned with the business strategy of your organization. In today’s episode, Johna and Greg show you how to do this, even if your organization has no written business strategy. They explain how to “read the tea leaves” to tell if your organization... Read more »
PP017: What’s the Matter? Understanding the Matter Protocol
Matter is an IoT protocol that has security and interoperability baked into it. Steve Hanna, the chair of the Product Security Working Group in the Connectivity Standards Alliance, joins the show today to walk us through this IP-based protocol for smart home devices. He compares Matter to an armored car, delivering a valuable payload securely... Read more »NB481: HPE Unloads BSS/OSS Tools; Multi-National Force Busts Botnets
Take a Network Break! Johna fills in for Drew this week. We start with HPE adapting to the 5G market and unloading BSS/OSS tools to HCLTech. Dell financial results suggest AI problems. ISP Windstream replaces 600,000 routers destroyed by malware. France, Germany and the Netherlands lead the largest-ever police action against botnets with the help... Read more »Rule 11 Academy 060324
New material at Rule 11 Academy this week:
Understanding Intra-AS BGP
Suboptimal BGP Route Reflection Lab
I’ve done a good bit of BGP to this point; I’m probably going to work on link state or some other part of the outline next week. I’m trying to make certain everyone who signs up for the first time gets the first six months for free; the membership plugin is being a bit squirrely, so you might see accounts expired, etc. I’m fixing these as I see them.
Adopting OpenTelemetry for our logging pipeline
Cloudflare’s logging pipeline is one of the largest data pipelines that Cloudflare has, serving millions of log events per second globally, from every server we run. Recently, we undertook a project to migrate the underlying systems of our logging pipeline from syslog-ng to OpenTelemetry Collector and in this post we want to share how we managed to swap out such a significant piece of our infrastructure, why we did it, what went well, what went wrong, and how we plan to improve the pipeline even more going forward.
Background
A full breakdown of our existing infrastructure can be found in our previous post An overview of Cloudflare's logging pipeline, but to quickly summarize here:
- We run a syslog-ng daemon on every server, reading from the local systemd-journald journal, and a set of named pipes.
- We forward those logs to a set of centralized “log-x receivers”, in one of our core data centers.
- We have a dead letter queue destination in another core data center, which receives messages that could not be sent to the primary receiver, and which get mirrored across to the primary receivers when possible.
The goal of this project was to replace those syslog-ng instances as Continue reading
Public Videos: Network Automation 101
You can access the Network Automation 101 videos without registration. Hope you’ll find them useful if you’re just starting your network automation journey.
Configuring AAA on Arista EOS Devices Using TACACS+ and ISE
In this blog post, let's look at how to configure TACACS+ AAA authentication on Arista EOS devices using Cisco ISE. When someone tries to log in to the device, we want the Arista device to authenticate and authorize the user against Cisco ISE. We'll go through the necessary configurations and steps to set up this integration between Arista EOS and Cisco ISE.
Local Authorization vs ISE Authorization
You could configure this in two ways with a slight difference. With the first method, ISE authenticates the user and tells Arista which role to apply. Arista devices come with two predefined roles, network-admin and network-operator. For example, if we have two different groups of users, network engineers who need full access and NOC engineers who only need read-only access. When the users log in, depending on the policy, ISE will send TACACS+ attributes that tell the switch which role to apply. With this method, the authorization happens locally at the switch.
For the second method, we will not use these two predefined roles. Each command the user enters on the CLI will be authorized by Cisco ISE. For example, we can allow all commands for network engineers and prevent NOC engineers from Continue reading
NetBox in the Cloud, for Free
Yes, you read that right. NetBox Labs is now offering a generous free plan for their SaaS version of NetBox. This change is a big win for many of us who no longer need to worry about managing our own NetBox instances. With this free plan, you can take advantage of all the powerful features of NetBox without the hassle of maintenance and updates.
Why This Matters to Me?
As a blogger, I create a lot of labs and practice a lot of automation. I rely on NetBox for IP Address Management (IPAM) and other network-related tasks. Before this, I had my NetBox running as a Docker container on one of my VMs. However, there were times when I wanted to access NetBox and found out the VM was powered off. This free plan is music to my ears. There is a 100-device limit, but that's more than enough for my needs.
How to Get it?
Getting started with the free plan is as simple as going to their website and signing up for a free plan. I was up and running within a few minutes. The free plan includes up to 100 devices, 500 IP addresses, and 10k API Continue reading
Fat Pipe Transition Notification – June 2024
Hey, everyone. Ethan here with a behind-the-scenes administrative request. Several thousand of you subscribe to the Packet Pushers’ Fat Pipe. In the Fat Pipe, we’ve been stuffing every single podcast we produce. The problem is that we produce way too many shows–one almost every weekday–for the average podcast client to absorb them all. We can... Read more »Pi-hole on Raspberry Pi 3B with Debian
This guide helps you to install Pi-hole on your Raspberry Pi 3B running Debian 12, […]
The post Pi-hole on Raspberry Pi 3B with Debian first appeared on Brezular's Blog.
Network observability in Kubernetes clusters for better security and faster troubleshooting
For DevOps and platform teams working with containers and Kubernetes, reducing downtime and improving security posture is crucial. A clear understanding of network topology, service interactions, and workload dependencies is required in cloud-native applications. This is essential for securing and optimizing the Kubernetes deployment and minimizing response time in the event of failure.
Network observability can highlight gaps in network policies for applications that require network policy controls to reduce the risk of attack from unsecured egress access or lateral movement of threats within the Kubernetes cluster. However, visualizing workload communication, service dependencies, and active and inactive network security policies presents significant challenges due to the distributed and dynamic nature of Kubernetes workloads.
Why is network observability difficult with Kubernetes workloads?
Kubernetes scales up and scales out pods and creates and destroys services depending on real-time business requirements, resulting in dynamic network connections for each workload instance. Network access policies defined for each workload further impact these connections.
In such a scenario, capturing an accurate and up-to-date representation of network traffic, service dependencies, and network policies is difficult. The default Kubernetes implementation provides limited network traffic visibility and policy information, making it challenging for teams to troubleshoot connectivity issues, improve Continue reading